package com.bohua.Car.admin.Config;

import com.bohua.Car.admin.shiro.ShiroDbRealm;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.session.mgt.ServletContainerSessionManager;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.cache.ehcache.EhCacheManagerFactoryBean;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
   /* *//*
    *
    * 安全管理器
    * *//*
    @Bean
    public DefaultWebSecurityManager securityManager(CookieRememberMeManager rememberMeManager, CacheManager cacheManager
    , SessionManager sessionManager){
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        securityManager.setRealm(this.shiroDbRealm());
        securityManager.setCacheManager(cacheManager);
        securityManager.setRememberMeManager(rememberMeManager);
        securityManager.setSessionManager(sessionManager);
        return securityManager;
    }

    *//**
     * spring session管理器（多机环境）
     *//*
    @Bean
    @ConditionalOnProperty(prefix = "guns", name = "spring-session-open", havingValue = "true")
    public ServletContainerSessionManager servletContainerSessionManager() {
        return new ServletContainerSessionManager();
    }


  *//*  @Bean
    @ConditionalOnProperty(prefix = "guns", name = "spring-session-open", havingValue = "false")
    public DefaultWebSessionManager defaultWebSessionManager(CacheManager cacheShiroManager){

    }*//*

    *//**
     * 记住密码Cookie
     * @return
     *//*
    @Bean
    public SimpleCookie rememberMeCookie(){
        SimpleCookie simpleCookie=new SimpleCookie("rememberMe");
        simpleCookie.setHttpOnly(true);
        simpleCookie.setMaxAge(7 * 24 * 60 * 60);
        return simpleCookie;
    }

    *//**
     * rememberMe管理器，cipherKey生成见
     * @param rememberMeCookis
     * @return
     *//*
    @Bean
    public CookieRememberMeManager rememberMeManager(SimpleCookie rememberMeCookis){
        CookieRememberMeManager manager=new CookieRememberMeManager();
        manager.setCipherKey(Base64.decode("Z3VucwAAAAAAAAAAAAAAAA=="));
        manager.setCookie(rememberMeCookis);
        return manager;
    }

    *//**
     * 缓存管理器使用Ehcache实现
     * @param ehcache
     * @return
     *//*
    @Bean
    public CacheManager getCacheShiroManager(EhCacheManagerFactoryBean ehcache){
        EhCacheManager ehCacheManager=new EhCacheManager();
        ehCacheManager.setCacheManager(ehcache.getObject());
        return ehCacheManager;
    }
    *//*
    * 项目自定的Realm
    *
    * *//*
    @Bean
    public ShiroDbRealm shiroDbRealm(){return new ShiroDbRealm();};

    @Bean
    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilter=new ShiroFilterFactoryBean();
        shiroFilter.setSecurityManager(securityManager);
        *//**
         * 默认的登陆url
         *//*
        shiroFilter.setLoginUrl("/login");
        *//**
         * 登陆成功后跳转的url
         *//*
        shiroFilter.setSuccessUrl("/");
        *//**
         * 没有权限跳转的url
         *//*
        shiroFilter.setUnauthorizedUrl("/global/error");
        *//**
         * 配置shiro拦截器链
         *
         * anon 不需要认证
         * authc 需要认证
         * user 验证通过火RememberMe登陆的都可以
         *
         * 当应用开启了rememberMe时,用户下次访问时可以是一个user,但不会是authc,因为authc是需要重新认证的
         *          *
         *          * 顺序从上到下,优先级依次降低
         *          *
         *          * api开头的接口，走rest api鉴权，不走shiro鉴权
         *//*
        Map<String,String> hashMap=new LinkedHashMap<>();
        hashMap.put("/static/**","anon");
        shiroFilter.setFilterChainDefinitionMap(hashMap);
        return shiroFilter;
    }
    *//**
     * Shiro生命周期处理器:
     * 用于在实现了Initializable接口的Shiro bean初始化时调用Initializable接口回调(例如:UserRealm)
     * 在实现了Destroyable接口的Shiro bean销毁时调用 Destroyable接口回调(例如:DefaultSecurityManager)
     *//*
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    *//**
     * 启用shrio授权注解拦截方式，AOP方法级权限检查
     * @param securityManager
     * @return
     *//*
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor=
                new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }


    @Bean
    public MethodInvokingFactoryBean methodInvokingFactoryBean(DefaultWebSecurityManager securityManager){
        MethodInvokingFactoryBean bean=new MethodInvokingFactoryBean();
        bean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
        bean.setArguments(new Object[]{securityManager});
        return bean;
    }*/


}